nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BGP hijack from 23724 -> 4134 China?

From: Danny McPherson <danny () tcb net>
Date: Thu, 8 Apr 2010 20:17:52 -0600

On Apr 8, 2010, at 8:05 PM, Brielle Bruns wrote:


Since there's been alot of requests for the ACLs, i've gone ahead and put the info on our wiki for easy access.

http://wiki.sosdg.org/sosdg:internal:chinafilter

Hope it comes in handy, and please let me know if i'm missing anything.


If you're going to post this and folks are actually going to consider 
employing it I suspect it'd be well worthwhile to include on that page 
how you generated it and how you keep it updated -- so that it can be 
updated by others as necessary.  

Additionally, folks should note that this policy would have made zero 
difference in this particularly incident, most of you likely realize that.  
Furthermore, a policy such as this does nothing to mitigate exfiltration 
of data TO those address blocks you've listed.

FWIW, this is a lot like putting a bandaid on a headache - it's not going 
to do much good in reality, and likely cause more harm than good in properly 
secured networks - but it might make some folks feel a little better.

-danny
Previous By Date Next
Previous By Thread Next

Current thread: